Nmap Development
mailing list archives
autonomous system numbers NSE script
From: "Michael Pattrick" <mpattrick () rhinovirus org>
Date: Tue, 17 Jun 2008 20:40:42 -0400
Hey everyone,
I wrote this script to find autonomous system numbers using the method
described here [1].
But there are two problems:
- A query will return the same ASN if it's in the same BGP netblock.
My script also discovers the BGP netblock, is there any way to cache
results in this case - i.e. check if the IP fits into a netblock that
we've already scanned?
- The website states that the best way is the DNS method, and
hosts making too many whois queries will be blocked, is there a way to
forge DNS query packets in NSE or would there need to be some kind of
DNS API? I tried making the raw packet in a Lua script and sending it
out but Wireshark claimed that the packet was malformed :(
I sent a copy to some of the NSE devs to see if they could figure out
a better way, so now I'm sending it to the list.
Here is an example of the output:
$ ./nmap --script ASQuery.nse -p80 rhinovirus.org
Starting Nmap 4.65 ( http://nmap.org ) at 2008-06-17 20:39 EDT
Interesting ports on ip-68-178-252-14.ip.secureserver.net (68.178.252.14):
PORT STATE SERVICE
80/tcp open http
Host script results:
|_ Autonomous Numbers: BGP Prefix: 68.178.252.0/22 AS number: 26496
Country Code: US
Cheers,
Michael
[1] http://www.team-cymru.org/Services/ip-to-asn.html
Attachment:
ASQuery.nse
Description:
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
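
An added example, not part of the original post and not taken from the attached ASQuery.nse: one way to do the netblock check asked about in the first question, so that a whois query is only sent when no already-seen BGP prefix covers the target. The function names and the cache layout are hypothetical; in an NSE script the table could be kept in nmap.registry so it is shared between hosts of one scan.

```lua
-- Added example: cache ASN answers by BGP prefix (IPv4 only, plain Lua).
-- All names here are hypothetical, not from ASQuery.nse.

-- Convert a dotted-quad string to a number, or nil if it is not valid.
local function ip_to_num(ip)
  local a, b, c, d = ip:match("^(%d+)%.(%d+)%.(%d+)%.(%d+)$")
  if not a then return nil end
  a, b, c, d = tonumber(a), tonumber(b), tonumber(c), tonumber(d)
  if a > 255 or b > 255 or c > 255 or d > 255 then return nil end
  return ((a * 256 + b) * 256 + c) * 256 + d
end

-- Network part of an address for a prefix length (no bit library needed).
local function network_of(num, bits)
  return math.floor(num / 2 ^ (32 - bits))
end

local cache = {}  -- cache[bits][network] = { prefix = ..., asn = ..., cc = ... }

-- Remember the answer for a whole prefix such as "68.178.252.0/22".
local function cache_store(prefix, asn, cc)
  local addr, bits = prefix:match("^([%d%.]+)/(%d+)$")
  local num = addr and ip_to_num(addr)
  if not num then return false end
  bits = tonumber(bits)
  if bits > 32 then return false end
  cache[bits] = cache[bits] or {}
  cache[bits][network_of(num, bits)] = { prefix = prefix, asn = asn, cc = cc }
  return true
end

-- Longest-prefix match: the most specific cached netblock containing ip.
local function cache_lookup(ip)
  local num = ip_to_num(ip)
  if not num then return nil end
  for bits = 32, 0, -1 do
    local hit = cache[bits] and cache[bits][network_of(num, bits)]
    if hit then return hit end
  end
  return nil
end

-- Constructed demo: the prefix and ASN are the ones in the output above,
-- the second and third addresses are made up for the test.
cache_store("68.178.252.0/22", 26496, "US")
for _, ip in ipairs({ "68.178.252.14", "68.178.255.200", "68.179.0.1" }) do
  local hit = cache_lookup(ip)
  print(ip, hit and ("AS" .. hit.asn .. " via cached " .. hit.prefix)
                 or "miss: send a whois query")
end
```

The first two addresses fall inside the cached /22 and are answered without a query; the third is outside it and reports a miss.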